To configure REST API you need to edit the frontend configuration file
app/config/frontend.ini.php, for example
$config['api'] = array(
'baseUrl' => '/api/v1',
'allowedOrigins' => array(),
'auth' => array(
'component' => 'MyCustomAuth',
'JWT' => array(
'expiresIn' => 600,
'alg' => 'HS256'
),
),
'formatting' => array(
'fields' => array(
// fields that should be removed from results
'remove' => array(
'title',
'Category' => array('name')
),
// fields (removed by default) that should be kept
'keep' => array(
'ip_created',
'Category' => array('object_type_id', 'priority')
)
)
),
'validation' => array(
'writableObjects' => array('document', 'event'),
'allowedUrlParams' => array(
'endpoint_name' => array('param_one', 'param_two')
)
),
'upload' => array(
'quota' => array(
'maxFileSize' => 8*1024*1024, // 8 MB
'maxSizeAvailable' => 50*1024*1024, // 50 MB
'maxFilesAllowed' => 500
)
)
);Possible configuration params are:
baseUrlthe base url of REST API. Every request done tobaseUrlwill be handled as an API REST request via routing rulesallowedOriginsdefine which origins are allowed. Leave empty to allow all originsauthcontains authentication configurations:componentdefine the name of auth component to use. By defaultApiAuthComponent is usedJWTdefine some options used in Json Web Token :doc:`authentication </endpoints/auth>` as the "expires in" time (in seconds) and the hashing algorithm to useformattingpermits to setup some fomatting rules as object fields to :ref:`remove <formatting-remove-fields>` or to :ref:`keep <formatting-keep-fields>`validationsetup some validation rules used generally in write operations or to validate request and data:writableObjectsdefine what object types are writableallowedUrlParamsdefine which :ref:`query string paramters are valid for endpoints <configure-allowed-query-string-conf>`
uploadthe upload configuration. Contains:quotais an array with space and files limits available for every user. See :ref:`quota-limits`.